IBM DB2 Information Disclosure Vulnerability CVE-2021-20373 Analysis

Vulnerability Key Information Vulnerability ID: CVE-2021-20373 CVSS 3.0 Base Score: 5.9 - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None CVSS 3.0 Temporal Score: 5.2 - Exploitability: Unproven - Remediation Level: Official Fix - Report Confidence: Confirmed CVSS: 5.9 Vulnerability Consequence: Obtain Information Remediation Recommendation: Refer to IBM Security Bulletin 6523804 for patch, upgrade, or suggested workaround information. Affected Products: - IBM DB2 for Linux, UNIX and Windows 10.5 - IBM DB2 for Linux, UNIX and Windows 10.1 - IBM DB2 for Linux, UNIX and Windows 9.7 - IBM DB2 for Linux, UNIX and Windows 11.1 Dependent Products: - IBM Db2 Warehouse 11.5 - IBM Intelligent Operations Center 5.1.0 - IBM Intelligent Operations Center 5.1.0.2 - IBM Intelligent Operations Center 5.1.0.3 External Links: - https://www.ibm.com/support/pages/node/6523804 - https://www.ibm.com/support/pages/node/6536602 - https://www.ibm.com/support/pages/node/6541958 - https://www.ibm.com/support/pages/node/6562919

Goal Reached Thanks to every supporter — we hit 100%!

IBM DB2 Information Disclosure Vulnerability CVE-2021-20373 Analysis